From 3a9b9b2deb8e19fa10e7c3c99ad0baa2f90f13fa Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 19 Nov 2016 17:20:34 +0100 Subject: [PATCH] Make the random number generator predictable when fuzzing. Reviewed-by: Rich Salz GH: #2023 --- crypto/rand/md_rand.c | 4 ++-- fuzz/README.md | 3 ++- fuzz/server.c | 8 ++++++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index 85ce4e6f98..0cf6e90834 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -33,7 +33,7 @@ # include #endif -#ifdef BN_DEBUG +#if defined(BN_DEBUG) || defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) # define PREDICT #endif @@ -307,7 +307,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo) #ifdef PREDICT if (rand_predictable) { - static unsigned char val = 0; + unsigned char val = 0; for (i = 0; i < num; i++) buf[i] = val++; diff --git a/fuzz/README.md b/fuzz/README.md index c5a1ba9c9a..d0c30f4461 100644 --- a/fuzz/README.md +++ b/fuzz/README.md @@ -38,7 +38,8 @@ Configure for fuzzing: $ CC=clang ./config enable-fuzz-libfuzzer \ --with-fuzzer-include=../../svn-work/Fuzzer \ --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \ - -DPEDANTIC enable-asan enable-ubsan no-shared + -DPEDANTIC enable-asan enable-ubsan no-shared \ + -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION $ sudo apt-get install make $ LDCMD=clang++ make -j $ fuzz/helper.py $FUZZER diff --git a/fuzz/server.c b/fuzz/server.c index b8a3ac44e3..4f2c794a4c 100644 --- a/fuzz/server.c +++ b/fuzz/server.c @@ -191,6 +191,10 @@ static const uint8_t kRSAPrivateKeyDER[] = { static SSL_CTX *ctx; +#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION +extern int rand_predictable; +#endif + int FuzzerInitialize(int *argc, char ***argv) { const uint8_t *bufp = kRSAPrivateKeyDER; @@ -214,6 +218,10 @@ int FuzzerInitialize(int *argc, char ***argv) OPENSSL_assert(ret == 1); X509_free(cert); +#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION + rand_predictable = 1; +#endif + return 1; } -- 2.25.1